This week, Apple released security updates to address a zero-day vulnerability impacting iPhones and macOS. The company issues an advisory stating that they are aware of the flaw (CVE-2022-32917) and that it may have been actively exploited.
CVE-2022-32917 is a zero-day that allows a malicious app to run arbitrary code on a device with kernel privileges. The flaw could give attackers full access to the device and its data and is the eighth zero-day for Apple this year. Apple has supplied updates for the following:
Apple has not released how CVE-2022-32917 is being exploited by attackers and there is no further information regarding the vulnerability. Omitting information is common for Apple, as they likely want to allow customers to patch their devices before attackers can exploit the flaw and start targeting vulnerable users.
In addition to patching CVE-2022-32917 this week, Apple back-ported a patch for a different zero-day (CVE-2022-32894) to Macs running macOS Big Sur 11.7. The WebKit zero-day vulnerability was patched at the end of August and affects iOS versions running on older iPhones and iPads. Avertium urges all Apple users to update their devices as soon as possible to block exploitation attempts.
Please patch your device as soon as possible. You can find guidance on security updates at the links below:
INDICATOR'S OF COMPROMISE (IOCS):
While Apple products are not widely used at an enterprise level, these devices could provide an attack vector to company executives. Avertium is raising awareness among our customers to patch this vulnerability before it is too late.